Back to list
SQL Injection Exploit for WordPress <= 18.104.22.168
Jun 07 2005 07:40PM
Alberto Trivero (trivero jumpy it)
Re: SQL Injection Exploit for WordPress <= 22.214.171.124
Jun 07 2005 08:24PM
Giorgio Mandolfo (giorgio mandolph ath cx)
* Alberto Trivero <trivero (at) jumpy (dot) it [email concealed]> [070605, 21:40]:
> #!/usr/bin/perl -w
Thanks for the code.
In any case I get 'Unable to retrieve username' and 'hash of password'
That's quite strange since I run a exploitable version.
According to wp-includes/version.php this is Wordpress 1.5 (old install from a
GLSA 200506-04 says that Wordpress < 126.96.36.199 is vulnerable, but it seems not to
be the case.
Who can clarify?
BOFH excuse #449:
greenpeace free'd the mallocs
[ reply ]
Copyright 2010, SecurityFocus